How to change trust model
Per Tunedal Casual
pt at radvis.nu
Wed May 11 02:22:28 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 00:21 2005-05-11, David Shaw wrote:
>On Wed, May 11, 2005 at 12:16:03AM +0200, Per Tunedal Casual wrote:
>
>> Scenario:
>> A new user has to quickly download keys to his contacts. The keys
>> are
>> signed by a mutually trusted CA.
>> How can he get valid keys to use trusting the CA, rather than
>> having
>> to check and sign each of them?
>
>You don't need trust signatures or any special trust models for this.
>If you trust the CA, sign the CA key. If the CA has signed your
>contacts, then you're done. The contact keys are now valid.
>
>David
>
Yes, David, you are right. I want a bit more.
Some contacts may not be directly signed by the CA, then the trust
model will be important, I suppose. How can the signature of the CA be
useful as far down the tree as possible?
Can you please explain the PGP-model and how to issue trust signatures
(tsign), with the implications for the validity of keys.
Per Tunedal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Vad är en PGP-signatur? www.clipanish.com/PGP/pgp.html
iD8DBQFCgVA+pPsTvNtsBX8RAm1PAJ9Ooh26ST8FCdRPJEwYdTQlFJYQgwCgh8Ck
Tc1x/ILLENZb6XpjzXfS4j4=
=T5eB
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list